29 lines
1 KiB
YAML
29 lines
1 KiB
YAML
# Host-level Nginx Reverse Proxy
|
|
# =============================================================================
|
|
# Standalone nginx that routes ALL domains on the host (forgejo, verdaccio,
|
|
# platform services, staging domains, life-manager, pypi, etc).
|
|
#
|
|
# Runs with network_mode: host so it can reach all services on 127.0.0.1
|
|
# regardless of whether they run in Docker, PM2, systemd, or the platform.
|
|
#
|
|
# Deployment:
|
|
# scp -r deployments/docker/nginx black.local:/bigdisk/nginx/
|
|
# ssh black.local "cd /bigdisk/nginx && docker compose up -d"
|
|
#
|
|
# Reload config without restart:
|
|
# ssh black.local "docker exec host-nginx nginx -s reload"
|
|
#
|
|
# Requires:
|
|
# - SSL certs in ./ssl/ (self-signed for VPN-only access)
|
|
# - Forgejo stack running (ports 3000, 4873, 8080 published to host)
|
|
# - Platform services on their respective ports
|
|
|
|
services:
|
|
nginx:
|
|
image: nginx:alpine
|
|
container_name: host-nginx
|
|
restart: unless-stopped
|
|
network_mode: host
|
|
volumes:
|
|
- ./nginx.conf:/etc/nginx/nginx.conf:ro
|
|
- ./ssl:/etc/nginx/ssl:ro
|